RHSA-2013:0561
Vulnerability from csaf_redhat
Published
2013-03-06 18:38
Modified
2024-11-22 05:51
Summary
Red Hat Security Advisory: Red Hat Enterprise MRG Messaging 2.3 security update
Notes
Topic
Updated Messaging component packages that fix multiple security issues,
several bugs, and add various enhancements are now available for Red Hat
Enterprise MRG 2.3 for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation
IT infrastructure for enterprise computing. MRG offers increased
performance, reliability, interoperability, and faster computing for
enterprise customers.
MRG Messaging is a high-speed reliable messaging distribution for Linux
based on AMQP (Advanced Message Queuing Protocol), an open protocol
standard for enterprise messaging that is designed to make mission critical
messaging widely available as a standard service, and to make enterprise
messaging interoperable across platforms, programming languages, and
vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10
client libraries for C++, Java JMS, and Python; as well as persistence
libraries and management tools.
It was found that the Apache Qpid daemon (qpidd) treated AMQP connections
with the federation_tag attribute set as a broker-to-broker connection,
rather than a client-to-server connection. This resulted in the source user
ID of messages not being checked. A client that can establish an AMQP
connection with the broker could use this flaw to bypass intended
authentication. For Condor users, if condor-aviary is installed, this flaw
could be used to submit jobs that would run as any user (except root, as
Condor does not run jobs as root). (CVE-2012-4446)
It was found that the AMQP type decoder in qpidd allowed arbitrary data
types in certain messages. A remote attacker could use this flaw to send a
message containing an excessively large amount of data, causing qpidd to
allocate a large amount of memory. qpidd would then be killed by the Out of
Memory killer (denial of service). (CVE-2012-4458)
An integer overflow flaw, leading to an out-of-bounds read, was found in
the Qpid qpid::framing::Buffer::checkAvailable() function. An
unauthenticated, remote attacker could send a specially-crafted message to
Qpid, causing it to crash. (CVE-2012-4459)
The CVE-2012-4446, CVE-2012-4458, and CVE-2012-4459 issues were discovered
by Florian Weimer of the Red Hat Product Security Team.
This update also fixes several bugs and adds enhancements. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.
All users of the Messaging capabilities of Red Hat Enterprise MRG are
advised to upgrade to these updated packages, which resolve these issues,
and fix the bugs and add the enhancements noted in the Red Hat Enterprise
MRG 2 Technical Notes. After installing the updated packages, stop the
cluster by either running "service qpidd stop" on all nodes, or
"qpid-cluster --all-stop" on any one of the cluster nodes. Once stopped,
restart the cluster with "service qpidd start" on all nodes for the update
to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated Messaging component packages that fix multiple security issues,\nseveral bugs, and add various enhancements are now available for Red Hat\nEnterprise MRG 2.3 for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation\nIT infrastructure for enterprise computing. MRG offers increased\nperformance, reliability, interoperability, and faster computing for\nenterprise customers.\n\nMRG Messaging is a high-speed reliable messaging distribution for Linux\nbased on AMQP (Advanced Message Queuing Protocol), an open protocol\nstandard for enterprise messaging that is designed to make mission critical\nmessaging widely available as a standard service, and to make enterprise\nmessaging interoperable across platforms, programming languages, and\nvendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10\nclient libraries for C++, Java JMS, and Python; as well as persistence\nlibraries and management tools.\n\nIt was found that the Apache Qpid daemon (qpidd) treated AMQP connections\nwith the federation_tag attribute set as a broker-to-broker connection,\nrather than a client-to-server connection. This resulted in the source user\nID of messages not being checked. A client that can establish an AMQP\nconnection with the broker could use this flaw to bypass intended\nauthentication. For Condor users, if condor-aviary is installed, this flaw\ncould be used to submit jobs that would run as any user (except root, as\nCondor does not run jobs as root). (CVE-2012-4446)\n\nIt was found that the AMQP type decoder in qpidd allowed arbitrary data\ntypes in certain messages. A remote attacker could use this flaw to send a\nmessage containing an excessively large amount of data, causing qpidd to\nallocate a large amount of memory. qpidd would then be killed by the Out of\nMemory killer (denial of service). (CVE-2012-4458)\n\nAn integer overflow flaw, leading to an out-of-bounds read, was found in\nthe Qpid qpid::framing::Buffer::checkAvailable() function. An\nunauthenticated, remote attacker could send a specially-crafted message to\nQpid, causing it to crash. (CVE-2012-4459)\n\nThe CVE-2012-4446, CVE-2012-4458, and CVE-2012-4459 issues were discovered\nby Florian Weimer of the Red Hat Product Security Team.\n\nThis update also fixes several bugs and adds enhancements. Documentation\nfor these changes will be available shortly from the Technical Notes\ndocument linked to in the References section.\n\nAll users of the Messaging capabilities of Red Hat Enterprise MRG are\nadvised to upgrade to these updated packages, which resolve these issues,\nand fix the bugs and add the enhancements noted in the Red Hat Enterprise\nMRG 2 Technical Notes. After installing the updated packages, stop the\ncluster by either running \"service qpidd stop\" on all nodes, or\n\"qpid-cluster --all-stop\" on any one of the cluster nodes. Once stopped,\nrestart the cluster with \"service qpidd start\" on all nodes for the update\nto take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0561", url: "https://access.redhat.com/errata/RHSA-2013:0561", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-0561.html", url: "https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-0561.html", }, { category: "external", summary: "678612", url: "https://bugzilla.redhat.com/show_bug.cgi?id=678612", }, { category: "external", summary: "710787", url: "https://bugzilla.redhat.com/show_bug.cgi?id=710787", }, { category: "external", summary: "720714", url: "https://bugzilla.redhat.com/show_bug.cgi?id=720714", }, { category: "external", summary: "737685", url: "https://bugzilla.redhat.com/show_bug.cgi?id=737685", }, { category: "external", summary: "740485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=740485", }, { category: "external", summary: "754990", url: "https://bugzilla.redhat.com/show_bug.cgi?id=754990", }, { category: "external", summary: "773719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=773719", }, { category: "external", summary: "781496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=781496", }, { category: "external", summary: "782806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=782806", }, { category: "external", summary: "783215", url: "https://bugzilla.redhat.com/show_bug.cgi?id=783215", }, { category: "external", summary: "784957", url: "https://bugzilla.redhat.com/show_bug.cgi?id=784957", }, { category: "external", summary: "786555", url: "https://bugzilla.redhat.com/show_bug.cgi?id=786555", }, { category: "external", summary: "790004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=790004", }, { category: "external", summary: "800912", url: "https://bugzilla.redhat.com/show_bug.cgi?id=800912", }, { category: "external", summary: "801605", url: "https://bugzilla.redhat.com/show_bug.cgi?id=801605", }, { category: "external", summary: "804752", url: "https://bugzilla.redhat.com/show_bug.cgi?id=804752", }, { category: "external", summary: "813742", url: "https://bugzilla.redhat.com/show_bug.cgi?id=813742", }, { category: "external", summary: "814356", url: "https://bugzilla.redhat.com/show_bug.cgi?id=814356", }, { category: "external", summary: "834256", url: "https://bugzilla.redhat.com/show_bug.cgi?id=834256", }, { category: "external", summary: "836141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=836141", }, { category: "external", summary: "846465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=846465", }, { category: "external", summary: "849788", url: "https://bugzilla.redhat.com/show_bug.cgi?id=849788", }, { category: "external", summary: "849790", url: "https://bugzilla.redhat.com/show_bug.cgi?id=849790", }, { category: "external", summary: "851355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=851355", }, { category: "external", summary: "856299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=856299", }, { category: "external", summary: "860011", url: "https://bugzilla.redhat.com/show_bug.cgi?id=860011", }, { category: "external", summary: "861234", url: "https://bugzilla.redhat.com/show_bug.cgi?id=861234", }, { category: "external", summary: "861241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=861241", }, { category: "external", summary: "861838", url: "https://bugzilla.redhat.com/show_bug.cgi?id=861838", }, { category: "external", summary: "866677", url: "https://bugzilla.redhat.com/show_bug.cgi?id=866677", }, { category: "external", summary: "868403", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868403", }, { category: "external", summary: "868881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868881", }, { category: "external", summary: "870058", url: "https://bugzilla.redhat.com/show_bug.cgi?id=870058", }, { category: "external", summary: "871774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=871774", }, { category: "external", summary: "876193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=876193", }, { category: "external", summary: "876664", url: "https://bugzilla.redhat.com/show_bug.cgi?id=876664", }, { category: "external", summary: "877081", url: "https://bugzilla.redhat.com/show_bug.cgi?id=877081", }, { category: "external", summary: "877553", url: "https://bugzilla.redhat.com/show_bug.cgi?id=877553", }, { category: "external", summary: "882243", url: "https://bugzilla.redhat.com/show_bug.cgi?id=882243", }, { category: "external", summary: "884036", url: "https://bugzilla.redhat.com/show_bug.cgi?id=884036", }, { category: "external", summary: "888392", url: "https://bugzilla.redhat.com/show_bug.cgi?id=888392", }, { category: "external", summary: "893980", url: "https://bugzilla.redhat.com/show_bug.cgi?id=893980", }, { category: "external", summary: "895535", url: "https://bugzilla.redhat.com/show_bug.cgi?id=895535", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0561.json", }, ], title: "Red Hat Security Advisory: Red Hat Enterprise MRG Messaging 2.3 security update", tracking: { current_release_date: "2024-11-22T05:51:36+00:00", generator: { date: "2024-11-22T05:51:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0561", initial_release_date: "2013-03-06T18:38:00+00:00", revision_history: [ { date: "2013-03-06T18:38:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-03-06T18:48:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T05:51:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat MRG Messaging for RHEL 5 Server v.2", product: { name: "Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_mrg:2::el5", }, }, }, { category: "product_name", name: "MRG Grid for RHEL 5 Server v.2", product: { name: "MRG Grid for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-2", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_mrg:2::el5", }, }, }, { category: "product_name", name: "MRG Grid Execute Node for RHEL 5 Server v.2", product: { name: "MRG Grid Execute Node for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-Execute-Node-2", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_mrg:2::el5", }, }, }, { category: "product_name", name: "MRG Management for RHEL 5 Server v.2", product: { name: "MRG Management for RHEL 5 Server v.2", product_id: "5Server-MRG-Management-2", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_mrg:2::el5", }, }, }, ], category: "product_family", name: "Red Hat Enterprise MRG for RHEL-5", }, { branches: [ { category: "product_version", name: "saslwrapper-0:0.18-1.el5.x86_64", product: { name: "saslwrapper-0:0.18-1.el5.x86_64", product_id: "saslwrapper-0:0.18-1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper@0.18-1.el5?arch=x86_64", }, }, }, { category: "product_version", name: "python-saslwrapper-0:0.18-1.el5.x86_64", product: { name: "python-saslwrapper-0:0.18-1.el5.x86_64", product_id: "python-saslwrapper-0:0.18-1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-saslwrapper@0.18-1.el5?arch=x86_64", }, }, }, { category: "product_version", name: "ruby-saslwrapper-0:0.18-1.el5.x86_64", product: { name: "ruby-saslwrapper-0:0.18-1.el5.x86_64", product_id: "ruby-saslwrapper-0:0.18-1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ruby-saslwrapper@0.18-1.el5?arch=x86_64", }, }, }, { category: "product_version", name: "saslwrapper-debuginfo-0:0.18-1.el5.x86_64", product: { name: "saslwrapper-debuginfo-0:0.18-1.el5.x86_64", product_id: "saslwrapper-debuginfo-0:0.18-1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper-debuginfo@0.18-1.el5?arch=x86_64", }, }, }, { category: "product_version", name: "saslwrapper-devel-0:0.18-1.el5.x86_64", product: { name: "saslwrapper-devel-0:0.18-1.el5.x86_64", product_id: "saslwrapper-devel-0:0.18-1.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper-devel@0.18-1.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-client-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-client-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-client-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-mrg-debuginfo@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-rdma@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-store-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-store-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-store-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-store@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-rdma@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-devel-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-devel-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-devel-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-devel@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-cluster@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-ssl@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-devel-docs@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-server-xml-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-server-xml-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-server-xml-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-xml@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-client-devel-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-client-devel-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-client-devel-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-devel@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", product: { name: "qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", product_id: "qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-ssl@0.18-14.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-qmf-0:0.18-15.el5.x86_64", product: { name: "qpid-qmf-0:0.18-15.el5.x86_64", product_id: "qpid-qmf-0:0.18-15.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf@0.18-15.el5?arch=x86_64", }, }, }, { category: "product_version", name: "ruby-qpid-qmf-0:0.18-15.el5.x86_64", product: { name: "ruby-qpid-qmf-0:0.18-15.el5.x86_64", product_id: "ruby-qpid-qmf-0:0.18-15.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/ruby-qpid-qmf@0.18-15.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", product: { name: "qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", product_id: "qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf-debuginfo@0.18-15.el5?arch=x86_64", }, }, }, { category: "product_version", name: "python-qpid-qmf-0:0.18-15.el5.x86_64", product: { name: "python-qpid-qmf-0:0.18-15.el5.x86_64", product_id: "python-qpid-qmf-0:0.18-15.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-qpid-qmf@0.18-15.el5?arch=x86_64", }, }, }, { category: "product_version", name: "qpid-qmf-devel-0:0.18-15.el5.x86_64", product: { name: "qpid-qmf-devel-0:0.18-15.el5.x86_64", product_id: "qpid-qmf-devel-0:0.18-15.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf-devel@0.18-15.el5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "saslwrapper-0:0.18-1.el5.i386", product: { name: "saslwrapper-0:0.18-1.el5.i386", product_id: "saslwrapper-0:0.18-1.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper@0.18-1.el5?arch=i386", }, }, }, { category: "product_version", name: "python-saslwrapper-0:0.18-1.el5.i386", product: { name: "python-saslwrapper-0:0.18-1.el5.i386", product_id: "python-saslwrapper-0:0.18-1.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/python-saslwrapper@0.18-1.el5?arch=i386", }, }, }, { category: "product_version", name: "ruby-saslwrapper-0:0.18-1.el5.i386", product: { name: "ruby-saslwrapper-0:0.18-1.el5.i386", product_id: "ruby-saslwrapper-0:0.18-1.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/ruby-saslwrapper@0.18-1.el5?arch=i386", }, }, }, { category: "product_version", name: "saslwrapper-debuginfo-0:0.18-1.el5.i386", product: { name: "saslwrapper-debuginfo-0:0.18-1.el5.i386", product_id: "saslwrapper-debuginfo-0:0.18-1.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper-debuginfo@0.18-1.el5?arch=i386", }, }, }, { category: "product_version", name: "saslwrapper-devel-0:0.18-1.el5.i386", product: { name: "saslwrapper-devel-0:0.18-1.el5.i386", product_id: "saslwrapper-devel-0:0.18-1.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper-devel@0.18-1.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-client-0:0.18-14.el5.i386", product: { name: "qpid-cpp-client-0:0.18-14.el5.i386", product_id: "qpid-cpp-client-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", product: { name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", product_id: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-mrg-debuginfo@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-rdma-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-rdma-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-rdma-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-rdma@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-store-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-store-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-store-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-store@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-client-rdma-0:0.18-14.el5.i386", product: { name: "qpid-cpp-client-rdma-0:0.18-14.el5.i386", product_id: "qpid-cpp-client-rdma-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-rdma@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-devel-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-devel-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-devel-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-devel@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-cluster-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-cluster-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-cluster-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-cluster@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-ssl-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-ssl-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-ssl-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-ssl@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", product: { name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", product_id: "qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-devel-docs@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-server-xml-0:0.18-14.el5.i386", product: { name: "qpid-cpp-server-xml-0:0.18-14.el5.i386", product_id: "qpid-cpp-server-xml-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-server-xml@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-client-devel-0:0.18-14.el5.i386", product: { name: "qpid-cpp-client-devel-0:0.18-14.el5.i386", product_id: "qpid-cpp-client-devel-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-devel@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-cpp-client-ssl-0:0.18-14.el5.i386", product: { name: "qpid-cpp-client-ssl-0:0.18-14.el5.i386", product_id: "qpid-cpp-client-ssl-0:0.18-14.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-client-ssl@0.18-14.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-qmf-0:0.18-15.el5.i386", product: { name: "qpid-qmf-0:0.18-15.el5.i386", product_id: "qpid-qmf-0:0.18-15.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf@0.18-15.el5?arch=i386", }, }, }, { category: "product_version", name: "ruby-qpid-qmf-0:0.18-15.el5.i386", product: { name: "ruby-qpid-qmf-0:0.18-15.el5.i386", product_id: "ruby-qpid-qmf-0:0.18-15.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/ruby-qpid-qmf@0.18-15.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-qmf-debuginfo-0:0.18-15.el5.i386", product: { name: "qpid-qmf-debuginfo-0:0.18-15.el5.i386", product_id: "qpid-qmf-debuginfo-0:0.18-15.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf-debuginfo@0.18-15.el5?arch=i386", }, }, }, { category: "product_version", name: "python-qpid-qmf-0:0.18-15.el5.i386", product: { name: "python-qpid-qmf-0:0.18-15.el5.i386", product_id: "python-qpid-qmf-0:0.18-15.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/python-qpid-qmf@0.18-15.el5?arch=i386", }, }, }, { category: "product_version", name: "qpid-qmf-devel-0:0.18-15.el5.i386", product: { name: "qpid-qmf-devel-0:0.18-15.el5.i386", product_id: "qpid-qmf-devel-0:0.18-15.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf-devel@0.18-15.el5?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "saslwrapper-0:0.18-1.el5.src", product: { name: "saslwrapper-0:0.18-1.el5.src", product_id: "saslwrapper-0:0.18-1.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/saslwrapper@0.18-1.el5?arch=src", }, }, }, { category: "product_version", name: "python-qpid-0:0.18-4.el5.src", product: { name: "python-qpid-0:0.18-4.el5.src", product_id: "python-qpid-0:0.18-4.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-qpid@0.18-4.el5?arch=src", }, }, }, { category: "product_version", name: "mrg-release-0:2.3.0-1.el5.src", product: { name: "mrg-release-0:2.3.0-1.el5.src", product_id: "mrg-release-0:2.3.0-1.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mrg-release@2.3.0-1.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-tests-0:0.18-2.el5.src", product: { name: "qpid-tests-0:0.18-2.el5.src", product_id: "qpid-tests-0:0.18-2.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-tests@0.18-2.el5?arch=src", }, }, }, { category: "product_version", name: "cumin-messaging-0:0.1.1-2.el5.src", product: { name: "cumin-messaging-0:0.1.1-2.el5.src", product_id: "cumin-messaging-0:0.1.1-2.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/cumin-messaging@0.1.1-2.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-java-0:0.18-7.el5.src", product: { name: "qpid-java-0:0.18-7.el5.src", product_id: "qpid-java-0:0.18-7.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-java@0.18-7.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-jca-0:0.18-8.el5.src", product: { name: "qpid-jca-0:0.18-8.el5.src", product_id: "qpid-jca-0:0.18-8.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-jca@0.18-8.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-cpp-mrg-0:0.18-14.el5.src", product: { name: "qpid-cpp-mrg-0:0.18-14.el5.src", product_id: "qpid-cpp-mrg-0:0.18-14.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-cpp-mrg@0.18-14.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-tools-0:0.18-8.el5.src", product: { name: "qpid-tools-0:0.18-8.el5.src", product_id: "qpid-tools-0:0.18-8.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-tools@0.18-8.el5?arch=src", }, }, }, { category: "product_version", name: "qpid-qmf-0:0.18-15.el5.src", product: { name: "qpid-qmf-0:0.18-15.el5.src", product_id: "qpid-qmf-0:0.18-15.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-qmf@0.18-15.el5?arch=src", }, }, }, { category: "product_version", name: "rhm-docs-0:0.18-2.el5.src", product: { name: "rhm-docs-0:0.18-2.el5.src", product_id: "rhm-docs-0:0.18-2.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhm-docs@0.18-2.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python-qpid-0:0.18-4.el5.noarch", product: { name: "python-qpid-0:0.18-4.el5.noarch", product_id: "python-qpid-0:0.18-4.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python-qpid@0.18-4.el5?arch=noarch", }, }, }, { category: "product_version", name: "mrg-release-0:2.3.0-1.el5.noarch", product: { name: "mrg-release-0:2.3.0-1.el5.noarch", product_id: "mrg-release-0:2.3.0-1.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/mrg-release@2.3.0-1.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-tests-0:0.18-2.el5.noarch", product: { name: "qpid-tests-0:0.18-2.el5.noarch", product_id: "qpid-tests-0:0.18-2.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-tests@0.18-2.el5?arch=noarch", }, }, }, { category: "product_version", name: "cumin-messaging-0:0.1.1-2.el5.noarch", product: { name: "cumin-messaging-0:0.1.1-2.el5.noarch", product_id: "cumin-messaging-0:0.1.1-2.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/cumin-messaging@0.1.1-2.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-java-common-0:0.18-7.el5.noarch", product: { name: "qpid-java-common-0:0.18-7.el5.noarch", product_id: "qpid-java-common-0:0.18-7.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-java-common@0.18-7.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-java-client-0:0.18-7.el5.noarch", product: { name: "qpid-java-client-0:0.18-7.el5.noarch", product_id: "qpid-java-client-0:0.18-7.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-java-client@0.18-7.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-java-example-0:0.18-7.el5.noarch", product: { name: "qpid-java-example-0:0.18-7.el5.noarch", product_id: "qpid-java-example-0:0.18-7.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-java-example@0.18-7.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-jca-0:0.18-8.el5.noarch", product: { name: "qpid-jca-0:0.18-8.el5.noarch", product_id: "qpid-jca-0:0.18-8.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-jca@0.18-8.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-jca-xarecovery-0:0.18-8.el5.noarch", product: { name: "qpid-jca-xarecovery-0:0.18-8.el5.noarch", product_id: "qpid-jca-xarecovery-0:0.18-8.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-jca-xarecovery@0.18-8.el5?arch=noarch", }, }, }, { category: "product_version", name: "qpid-tools-0:0.18-8.el5.noarch", product: { name: "qpid-tools-0:0.18-8.el5.noarch", product_id: "qpid-tools-0:0.18-8.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/qpid-tools@0.18-8.el5?arch=noarch", }, }, }, { category: "product_version", name: "rhm-docs-0:0.18-2.el5.noarch", product: { name: "rhm-docs-0:0.18-2.el5.noarch", product_id: "rhm-docs-0:0.18-2.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhm-docs@0.18-2.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.noarch as a component of MRG Grid for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", }, product_reference: "mrg-release-0:2.3.0-1.el5.noarch", relates_to_product_reference: "5Server-MRG-Grid-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.src as a component of MRG Grid for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", }, product_reference: "mrg-release-0:2.3.0-1.el5.src", relates_to_product_reference: "5Server-MRG-Grid-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.noarch as a component of MRG Grid Execute Node for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", }, product_reference: "mrg-release-0:2.3.0-1.el5.noarch", relates_to_product_reference: "5Server-MRG-Grid-Execute-Node-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.src as a component of MRG Grid Execute Node for RHEL 5 Server v.2", product_id: "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", }, product_reference: "mrg-release-0:2.3.0-1.el5.src", relates_to_product_reference: "5Server-MRG-Grid-Execute-Node-2", }, { category: "default_component_of", full_product_name: { name: "cumin-messaging-0:0.1.1-2.el5.noarch as a component of MRG Management for RHEL 5 Server v.2", product_id: "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", }, product_reference: "cumin-messaging-0:0.1.1-2.el5.noarch", relates_to_product_reference: "5Server-MRG-Management-2", }, { category: "default_component_of", full_product_name: { name: "cumin-messaging-0:0.1.1-2.el5.src as a component of MRG Management for RHEL 5 Server v.2", product_id: "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", }, product_reference: "cumin-messaging-0:0.1.1-2.el5.src", relates_to_product_reference: "5Server-MRG-Management-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.noarch as a component of MRG Management for RHEL 5 Server v.2", product_id: "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", }, product_reference: "mrg-release-0:2.3.0-1.el5.noarch", relates_to_product_reference: "5Server-MRG-Management-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.src as a component of MRG Management for RHEL 5 Server v.2", product_id: "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", }, product_reference: "mrg-release-0:2.3.0-1.el5.src", relates_to_product_reference: "5Server-MRG-Management-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", }, product_reference: "mrg-release-0:2.3.0-1.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "mrg-release-0:2.3.0-1.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", }, product_reference: "mrg-release-0:2.3.0-1.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-qpid-0:0.18-4.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", }, product_reference: "python-qpid-0:0.18-4.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-qpid-0:0.18-4.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", }, product_reference: "python-qpid-0:0.18-4.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-qpid-qmf-0:0.18-15.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", }, product_reference: "python-qpid-qmf-0:0.18-15.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-qpid-qmf-0:0.18-15.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", }, product_reference: "python-qpid-qmf-0:0.18-15.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-saslwrapper-0:0.18-1.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", }, product_reference: "python-saslwrapper-0:0.18-1.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "python-saslwrapper-0:0.18-1.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", }, product_reference: "python-saslwrapper-0:0.18-1.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-client-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-client-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-devel-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-client-devel-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-devel-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-client-devel-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-rdma-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-client-rdma-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-rdma-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-ssl-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-client-ssl-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-client-ssl-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-mrg-0:0.18-14.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", }, product_reference: "qpid-cpp-mrg-0:0.18-14.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-cluster-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-cluster-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-cluster-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-devel-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-devel-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-devel-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-devel-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-rdma-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-rdma-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-rdma-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-ssl-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-ssl-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-ssl-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-store-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-store-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-store-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-store-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-xml-0:0.18-14.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", }, product_reference: "qpid-cpp-server-xml-0:0.18-14.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-cpp-server-xml-0:0.18-14.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", }, product_reference: "qpid-cpp-server-xml-0:0.18-14.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-java-0:0.18-7.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", }, product_reference: "qpid-java-0:0.18-7.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-java-client-0:0.18-7.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", }, product_reference: "qpid-java-client-0:0.18-7.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-java-common-0:0.18-7.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", }, product_reference: "qpid-java-common-0:0.18-7.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-java-example-0:0.18-7.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", }, product_reference: "qpid-java-example-0:0.18-7.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-jca-0:0.18-8.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", }, product_reference: "qpid-jca-0:0.18-8.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-jca-0:0.18-8.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", }, product_reference: "qpid-jca-0:0.18-8.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-jca-xarecovery-0:0.18-8.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", }, product_reference: "qpid-jca-xarecovery-0:0.18-8.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-0:0.18-15.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", }, product_reference: "qpid-qmf-0:0.18-15.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-0:0.18-15.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", }, product_reference: "qpid-qmf-0:0.18-15.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-0:0.18-15.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", }, product_reference: "qpid-qmf-0:0.18-15.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-debuginfo-0:0.18-15.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", }, product_reference: "qpid-qmf-debuginfo-0:0.18-15.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-debuginfo-0:0.18-15.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", }, product_reference: "qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-devel-0:0.18-15.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", }, product_reference: "qpid-qmf-devel-0:0.18-15.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-qmf-devel-0:0.18-15.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", }, product_reference: "qpid-qmf-devel-0:0.18-15.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-tests-0:0.18-2.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", }, product_reference: "qpid-tests-0:0.18-2.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-tests-0:0.18-2.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", }, product_reference: "qpid-tests-0:0.18-2.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-tools-0:0.18-8.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", }, product_reference: "qpid-tools-0:0.18-8.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "qpid-tools-0:0.18-8.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", }, product_reference: "qpid-tools-0:0.18-8.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "rhm-docs-0:0.18-2.el5.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", }, product_reference: "rhm-docs-0:0.18-2.el5.noarch", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "rhm-docs-0:0.18-2.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", }, product_reference: "rhm-docs-0:0.18-2.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "ruby-qpid-qmf-0:0.18-15.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", }, product_reference: "ruby-qpid-qmf-0:0.18-15.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "ruby-qpid-qmf-0:0.18-15.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", }, product_reference: "ruby-qpid-qmf-0:0.18-15.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "ruby-saslwrapper-0:0.18-1.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", }, product_reference: "ruby-saslwrapper-0:0.18-1.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "ruby-saslwrapper-0:0.18-1.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", }, product_reference: "ruby-saslwrapper-0:0.18-1.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-0:0.18-1.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", }, product_reference: "saslwrapper-0:0.18-1.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-0:0.18-1.el5.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", }, product_reference: "saslwrapper-0:0.18-1.el5.src", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-0:0.18-1.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", }, product_reference: "saslwrapper-0:0.18-1.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-debuginfo-0:0.18-1.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", }, product_reference: "saslwrapper-debuginfo-0:0.18-1.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-debuginfo-0:0.18-1.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", }, product_reference: "saslwrapper-debuginfo-0:0.18-1.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-devel-0:0.18-1.el5.i386 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", }, product_reference: "saslwrapper-devel-0:0.18-1.el5.i386", relates_to_product_reference: "5Server-MRG-Messaging-2", }, { category: "default_component_of", full_product_name: { name: "saslwrapper-devel-0:0.18-1.el5.x86_64 as a component of Red Hat MRG Messaging for RHEL 5 Server v.2", product_id: "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", }, product_reference: "saslwrapper-devel-0:0.18-1.el5.x86_64", relates_to_product_reference: "5Server-MRG-Messaging-2", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4446", discovery_date: "2012-07-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "851355", }, ], notes: [ { category: "description", text: "It was found that the Apache Qpid daemon (qpidd) treated AMQP connections with the federation_tag attribute set as a broker-to-broker connection, rather than a client-to-server connection. This resulted in the source user ID of messages not being checked. A client that can establish an AMQP connection with the broker could use this flaw to bypass intended authentication. For Condor users, if condor-aviary is installed, this flaw could be used to submit jobs that would run as any user (except root, as Condor does not run jobs as root).", title: "Vulnerability description", }, { category: "summary", text: "qpid-cpp: qpid authentication bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4446", }, { category: "external", summary: "RHBZ#851355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=851355", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4446", url: "https://www.cve.org/CVERecord?id=CVE-2012-4446", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4446", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4446", }, { category: "external", summary: "https://issues.apache.org/jira/browse/QPID-4631", url: "https://issues.apache.org/jira/browse/QPID-4631", }, ], release_date: "2013-03-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-03-06T18:38:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", product_ids: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0561", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "qpid-cpp: qpid authentication bypass", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4458", discovery_date: "2012-05-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "861234", }, ], notes: [ { category: "description", text: "The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.", title: "Vulnerability description", }, { category: "summary", text: "qpid-cpp: long arrays of zero-width types cause a denial of service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4458", }, { category: "external", summary: "RHBZ#861234", url: "https://bugzilla.redhat.com/show_bug.cgi?id=861234", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4458", url: "https://www.cve.org/CVERecord?id=CVE-2012-4458", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4458", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4458", }, { category: "external", summary: "https://issues.apache.org/jira/browse/QPID-4629", url: "https://issues.apache.org/jira/browse/QPID-4629", }, ], release_date: "2013-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-03-06T18:38:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", product_ids: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0561", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "qpid-cpp: long arrays of zero-width types cause a denial of service", }, { acknowledgments: [ { names: [ "Florian Weimer", ], organization: "Red Hat Product Security Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4459", discovery_date: "2012-05-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "861241", }, ], notes: [ { category: "description", text: "Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "qpid-cpp: crash due to qpid::framing::Buffer::checkAvailable() wraparound", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4459", }, { category: "external", summary: "RHBZ#861241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=861241", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4459", url: "https://www.cve.org/CVERecord?id=CVE-2012-4459", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4459", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4459", }, { category: "external", summary: "https://issues.apache.org/jira/browse/QPID-4629", url: "https://issues.apache.org/jira/browse/QPID-4629", }, ], release_date: "2013-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-03-06T18:38:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", product_ids: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0561", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.noarch", "5Server-MRG-Management-2:cumin-messaging-0:0.1.1-2.el5.src", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Management-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.noarch", "5Server-MRG-Messaging-2:mrg-release-0:2.3.0-1.el5.src", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.noarch", "5Server-MRG-Messaging-2:python-qpid-0:0.18-4.el5.src", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:python-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:python-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-devel-docs-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-client-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-mrg-0:0.18-14.el5.src", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-mrg-debuginfo-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-cluster-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-devel-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-rdma-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-ssl-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-store-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.i386", "5Server-MRG-Messaging-2:qpid-cpp-server-xml-0:0.18-14.el5.x86_64", "5Server-MRG-Messaging-2:qpid-java-0:0.18-7.el5.src", "5Server-MRG-Messaging-2:qpid-java-client-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-common-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-java-example-0:0.18-7.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-jca-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:qpid-jca-xarecovery-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.src", "5Server-MRG-Messaging-2:qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-debuginfo-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:qpid-qmf-devel-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:qpid-tests-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.noarch", "5Server-MRG-Messaging-2:qpid-tools-0:0.18-8.el5.src", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.noarch", "5Server-MRG-Messaging-2:rhm-docs-0:0.18-2.el5.src", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.i386", "5Server-MRG-Messaging-2:ruby-qpid-qmf-0:0.18-15.el5.x86_64", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:ruby-saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.src", "5Server-MRG-Messaging-2:saslwrapper-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-debuginfo-0:0.18-1.el5.x86_64", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.i386", "5Server-MRG-Messaging-2:saslwrapper-devel-0:0.18-1.el5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "qpid-cpp: crash due to qpid::framing::Buffer::checkAvailable() wraparound", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.